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In the claims: 

All clauxis presented for examination are listed below. 

1 . (CuOTesntly amended) An apparatus to secure online transactions on the Internet 
comprising: 

a card reader plugged into a micropfinne i nput of the PC sound card: 
a smart card transmitting an identification sequence to [[a]] themicmp hnnfl input 
of Ae PC in the.foim of a modulated signal; 

a cord roador pluggod into tho microphon e input of the PC oound ourd; and 

a PC applet demodulating ttie identification sequence; 

charactaized by die absence of processing means within the card reader. 

2. (Previously presented) The ^aratus of claim 1, wherein the identification sequence 
comprises at least a unique card number and a random number valid only once. 

3. (Previously presented) The apparatus of claim 2, wherein the random number is a 
session key (Ki) which is not transmitted to the auth<aatication server, 

4. (Previously presented) The apparatus of claim 3, wherein the session key (Ki) is a 
function of the previous one (Ki-1) emitted by the card, wherein Ki GOKi-1) and G is a 
one-way function also known by the authentication server. 

5. (PitBviously presented) The apparatus of claim 4, wherein the session key (Ki) is used 
by the PC applet to generate a message authentication code (MAC) of the passwoid 
entered by the user; said furst MAC is transmitted to the authentication server along with 
the card number. 
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6. (Previously presented) The apparatus of claim 5, wherein the authentication server 
generates a second MAC of the password stored in the authentication server database, 
using a session key deduced from the previous one (Ki-1) also stored in the database. 

7. (Previously presented) The apparatus of claim 6, yvberein the authentication is valid 
only if said first and second MAC are identical: if this i$ the case, ftie authesntication 
server replaces (Ki- 1) by (Ki) in the database and (Ki) cannot be reused. 

8. (Previously presented) The ^paratus as in claim 1, wherein flie smart card is powered 
by the voltage provided by the nadarophone input of the PC sound card. 

9. (Previously presented) The apparatus as in claim 8, wherein the smart card transmits 
the modulated signal when the switch of the card reader is pressed by the user. 

10. (Previously presented) The ^paratus as in claim 9, wherein the smart card transmits 
tibe modulated signal to the microphone input through tibie JSO contact 06. 

U. (Previously presented) The eppatatm as in claim 10, vdherein the smart card transmits 
the modulated signal when die ISO contact C2 is pulled down. 

12. (Previously presented) The apparatus as in claim 1 1 , wherein the smart card is 
powered throuj^ the ISO contacts C4 and C8. 

13. (Previously presented) The apparatus as in claim 1, wherein the card reader further 
comprises a battery cell powering the card; said reada- is alternatively plugged into the 
line input of tibie PC sound caid. 

14. (Canceled) 
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15. (Previously presented) The apparatus as in claim 1, wherein Ihe card reader is further 
integrated into the PC unit or display. 

16. (Currently amwjded)) A mefliod for securing online transaotioiis <m the Internet 
comprising: 

(a) providing a smart card fiir transinittiiig an identification sequence [[by a]] from 
IhS smart card to a PC in the form of a modulated signal; 

(b) plugging a card reader into the microphone input of the PC sound card the 
card reader devoid of processing means; asd 

(c) transmitting Ihe modulated signal dir ectly from the smart card to fj je 
mlCTOtiho ne input of the PC via the card reader! and 

MLdemodulating the identification sequence by a PC applet. 

17. (Previously presented) The method of claim 1, wherein the identification sequence in 
step (a) comprises at least a unique card number and a random number valid only once. 

18. (Previously presented) The method of claim 17, wherein the random number is a 
session ksy (Ki) which is not transmitted to the authentication server. 

19. (Previously presented) The method of daim 18, whaein the session key (Ki) ia a 
function of the previous one (Ki-1) emitted by the card, wherein Ki G(Ki-l) and G is a 
one-way function also known by the antheoiication server. 

20. (Previously presented) The method of claim 18, wherein the session key (Ki) is used 
by the PC applet to generate a message authentication code (MAC) of the password 
entered by the user; said fust MAC is transmitted to the authentication server along with 
the card number. 
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21 . (Previously presented) The method of claim 20, wherein the authentication server 
generates a second MAC of the password stored in the authentication server database, 
using a session key deduced from the previous one (Ki-1) also stored in the database. 

22. (Previously presented) The method of claim 21, wherein the authentication is valid 
only if said jBurst and second MAC are identical; if this is the case, the authentication 
server replaces (Ki- 1) by (Ki) in the database and (Ki) cannot be reused. 
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